forget my admin password

Question

Answers

VSSAdmin allows the Admin user to reset the passwords for other VSS users (with no loss).

Of course, in Windows, for an Administrator to change passwords, the Administrator must remember his password, right? (You can't change the Administrator password this way). And for Passport there are other ways to verify your identity before reseting the password...

Microsoft Customer Support will not help you recover any password for Microsoft products, as far as I know. It is illegal.

Alin

Wednesday, December 28, 2005 7:55 PM

Moderator

All replies

Create a Windows user called 'Admin' and log on to that user (or run the VSS administrator program under that user using RunAs). VSS will use the Windows user and you won't need the password. At least that's the case if you have 'Use network name for automatic logon' set. http://support.microsoft.com/kb/283618/en-us

The other option is to force the password back to blank. by hacking um.dat with a hex editing tool. Search the web and you'll find various step by step guides. This isn't officially sanctioned by Microsoft and is definitely 'use at your own risk'. http://blog.ali213.net/nightcat/archive/2005/01/10/1055.aspx

If I remember correctly, hacking um.dat as described causes "um.dat is corrupt" messages on VSS startup.

That didn't happen the one time I used this approach, but I was working on a test copy of a VSS database that I could recreate if I had to so I wouldn't have been too worried if something terrible had happened.

Hack at your own risk!

Any chance Microsoft will provide a supported remedy for the problem of forgotten passwords?

But surely Microsoft can provide some mechanism within Visual SourceSafe to allow customers to reset their password? With suitable levels of protection and audit of course.

The Windows User account mechanism allows an administrator to reset a password (albeit with the loss of encrypted data). Microsoft Passport provides a mechanism for resetting my password if I forget it. Why not VSS?

VSSAdmin allows the Admin user to reset the passwords for other VSS users (with no loss).

Of course, in Windows, for an Administrator to change passwords, the Administrator must remember his password, right? (You can't change the Administrator password this way). And for Passport there are other ways to verify your identity before reseting the password...

Microsoft Customer Support will not help you recover any password for Microsoft products, as far as I know. It is illegal.

Of course, in Windows, for an Administrator to change passwords, the Administrator must remember his password, right?

Not really. If there is more than one administrator defined, then one administrator can reset another administrator's account. Of course that solution isn't perfect, resetting a password like that makes encrypted data inaccessible.

Yes you can reset the builtin Administrator's password from another account with administrative privileges. I just tried it on a Virtual PC I have.

Microsoft Customer Support will not help you recover any password for Microsoft products, as far as I know. It is illegal.

I think we are talking at cross purposes here. I accept that (for whatever reason) Microsoft will not help a customer recover a password they have lost. That's water under the bridge.

What I'm suggesting is that, for the benefit of future victims of this not uncommon problem, Microsoft change Visual SourceSafe to add some suitable mechanism to allow customers to fix the problem themselves.

This isn't the place to design such a mechanism but just to be clear...

One example of such a mechanism would be a VSS Password Reset Disk. I don't much care for that as a solution - it still leaves you in the position that if the disk is lost or damaged you lose the ability to reset your password. Still, it would be better than what we have today (nothing that's supported).

Another example of a suitable mechanism would be to allow a Windows user called Admin to reset the Admin password without first supplying the old password so long as certain criteria were met, for example

'Use network name for automatic logon' is set

Admin was logged on at the server console

Admin was a member of the local administrator's group

Admin was the owner of the um.dat file

The second criterion ensures some level of physical security (assuming the site keeps their SourceSafe server in an area with access controls). The third criterion ensures that not just any user called 'Admin' can be used and increases the liklihood that more attention than usual is payed to who has access to the account. The fourth criterion ensures that a Security event log entry is written (when Admin takes ownership) providing some level of auditability. VSS could also write a suitable Security Event Log Entry

The third and fourth criteria also mean that the Admin user had enough privilege and access to be able to perform the um.dat hex edit hack anyway.

if you changed the password and made a mistake doing it you can get your old password back in the following way:

shutdown your windows xp, vista or w7 computer and restart it. after the biosbootscreen (just wait like you always do) push F8 until a window shows up telling how save you would like to startup your pc. in this list select "use latest good configuration"or something (in dutch "laatste werkende configuratie").

your computer will scratch back all changes made in the past few days.

if this isn't an option try http://www.geeksaresexy.net/2009/03/04/how-to-recovering-your-windows-password/ i am currently trying this on a virtual machine and will post back if it works.

there is an other option. if you changed the password and made a mistake doing it you can get your old password back in the following way: shutdown your windows xp, vista or w7 computer and restart it. after the biosbootscreen (just wait like you always do) push F8 until a window shows up telling how save you would like to startup your pc. in this list select "use latest good configuration"or something (in dutch "laatste werkende configuratie"). your computer will scratch back all changes made in the past few days. if this isn't an option try http://www.geeksaresexy.net/2009/03/04/how-to-recovering-your-windows-password/ i am currently trying this on a virtual machine and will post back if it works.

it works!! i tried it on an sd card and admin userpassword is nuked. i can just login.

but watch out if you use acer filedecryption or windows filedecription the files will become unaccecable (since the encryption is made by calculating the binary's with a cyphers generated from the password) but if you don't know this function excists or never tried it, it's allrigt.

remember not to change the administrator settings but the user with adminrights!! so type your'e username if the screen asks for a username

good luck installing it folks

amonfog

ps: smartest way is to erase the password and make a new one when your'e logged in again going to accountsettings in xp or ctrl-alt-del -->change password in vista and seven

This is very boring, but don't think it trouble.
Once I met the same problem.
And my friend recommand me to free download a software to
recovery password.
Called
Password Recovery Bundle
Password Recovery Bundle is a multifunctional tool to recovery many kinds of password.

Use the info in the posts above regarding the um.dat file. VSS is a different animal, and the methods for recovering the pwd above work just fine. There are blog posts regarding this method as well. Search for "Reset VSS password" to find
them.

In Windows 7 / Windows Server 2008 R2 you no longer have the Run As option with the UI to pick a particular account under which to run a program -- but you still have the RunAs Command Line option which was introduced with Windows Visa!

Find out the name of one of the admin users by peaking in the /Users folder where the Source Safe data files live -- there's usually a list -- one of them should strike you as an administrator -- let's say it's:
Admin.

Using the RunAs command to Run VSS Admin under an account in the VSS DB:
Create an "Admin" account with a password on your local machine.
use the Start/Run feature with the following command line:

You're prompted for the Windows User password for the Admin account
The VSS Admin client starts up and you're into the VSS database
Add a user with the same username as your normal Windows account name
And ythen you can easily use the VSS client to access the sourcesafe database

Daniel Hester

Saturday, September 29, 2012 5:43 AM

Microsoft is conducting an online survey to understand your opinion of the Msdn Web site. If you choose to participate, the online survey will be presented to you when you leave the Msdn Web site.